View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 7, 2011

Apple’s software flaw may allow hackers to build data-stealing apps

A prototype malicious programme was not identified by Apple's App Store

By CBR Staff Writer

A software flaw in iPhones and iPads was identified by an expert on Apple device security that may enable hackers to build apps for secretly installing programmes to steal data, send text messages or destroy information.

Apple’s App Store failed to identify a malicious programme, a prototype that was built by Charlie Miller, a researcher with Accuvant Labs, to test the flaw, reported Reuters.

The test demonstrated the presence of a threat of real malware in the App Store, though no evidence was found to confirm that hackers have exploited the vulnerability in Apple’s iOS software.

Miller was quoted by Reuters as saying, "Until now you could just download everything from the App Store and not worry about it being malicious. Now you have no idea what an app might do."

To prove the point, a stock-market monitoring tool InstaStock was built by Miller. The tool was programmed to connect to his server once downloaded, and to then download whatever programme he wants.

Content from our partners
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.